We have a few virtual servers running on Proxmos/OpenVZ that have been compromised. The hackers are using sendmail to send out scam emails using our servers. We need to lock the servers down while keeping the sendmail service running for our voicemail-to-email service. We are not sure if the emails are being generated by the server itself via a script or if it is coming from the outside.